package com.xuecheng.system.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
public class GlobalCorsConfig {
    //跨域过滤器
    @Bean
    public CorsFilter corsFilter(){
        CorsConfiguration config = new CorsConfiguration();
        //允许白名单域名进行跨域调用，允许哪些请求源进行跨域
        config.addAllowedOrigin("*");
        //允许跨域发送cookie
        config.setAllowCredentials(true);
        //允许所有请求方式跨域调用
        config.addAllowedMethod("*");
        //允许添加了Authorization请求头的请求进行跨域，复杂跨域
//        config.addAllowedHeader("Authorization");
        config.addAllowedHeader("*");
        UrlBasedCorsConfigurationSource source =
                new UrlBasedCorsConfigurationSource();
        //这个/**表示所有的请求都要经过这个跨域过滤器
        source.registerCorsConfiguration("/**",config);
        return new CorsFilter(source);
    }
}
